Data Protection


We apply the UK Data Protection Act 1998 to all of our operations.


The UK Data Protection Act gives individuals rights over how their personal information is used and sets out rules for organisations that handle personal information.


Our Infirmatiom and Private Policy describes how we treat personal information.



Under the UK Data Protection Act any individual has the general right to ask for a copy of the personal information held about them. This means that you can ask for the information that we hold about you. This is known as the right of ‘subject access’. When making a request you will need to give us:


  • a request in writing
  • proof of your identity (e.g. passport)
  • proof of your address (e.g. utility bill)
  • any information that we reasonably need to process the request.  For example details of our offices or staff that you have had contact with and when.

We will not start looking for your information until we receive all of the above. In order to submit your request, or for help making a request, please contact our





Information security and privacy policy


We collect and use personal information to offer people information about our products and services. This policy applies to all systems used to collect, store, process or transfer information.


zerOclassikal is committed to:

  • performing privacy impact assessments to protect the privacy and rights of its customers and employees
  • protecting the confidentiality, integrity and availability of the information it collects, stores, transfers and processes in accordance with UK law and international good practice, and to meeting its legal requirements and contractual obligations
  • explaining why it needs personal information, only asking for the personal information it needs and only sharing personal information within zerOclassikal and associated partners such as zeroculture and with other organisations where the person concerned has given their consent
  • allowing people to request access to the personal information it holds on them and to complain if they believe their information has been mishandled
  • not keeping personal information for longer than necessary
  • taking measures to protect the rights and freedoms of individuals whose personal information may be transferred to countries with differing data protection laws
  • ensuring that actual or suspected breaches of information security are reported and investigated
  • assessing and measuring the maturity of its information security controls annually
  • applying these standards to its supply chain and delivery partners


We will provide adequate and appropriate resources to implement this policy and will ensure it is communicated and understood.


zeroClassikal will review this policy statement annually to reflect new legal and regulatory developments and ensure good practice.


This global policy statement was approved last reviewed on 11 May 2018 is due for review in May 2019.